<?php
session_start();

$fid = $_POST['fid'];
require("../sql/sqlCon.php");

$q = mysql_query("SELECT * FROM $uploadsTableName WHERE fileId = '$fid'");
$r = mysql_fetch_array($q);
if( empty($r['filePath']) ) echo "noSuchFile";

if( $r['byUserId'] === $_SESSION['userId'] || $_SESSION['userLevel'] == 1 || $_SESSION['userLevel'] == 2)
{
	require("uploaderConfigs.php");
	
	$relPath = $savePath.substr($r['filePath'], strrpos($r['filePath'], "/"), strlen($r['filePath']));
	

	$fh = fopen($relPath, 'w') or die("file not found");
	fclose($fh);
	unlink($relPath);
	
	if( $r['isImg'] ) // delete the thumb image aswell
	{
		unlink($relPath."_thumb.jpeg");
	}
	
	mysql_query("DELETE FROM $uploadsTableName WHERE fileId = '$fid'");
	$err = mysql_error();
	
	$q = mysql_query("SELECT uploadUsedSpaceKB FROM $usersExtendedTableName WHERE userId = '".$r['byUserId']."'");
	$res2 = mysql_fetch_array($q);
	$err = $err.mysql_error();
	
	mysql_query("UPDATE $usersExtendedTableName
				 SET uploadUsedSpaceKB = '".($res2['uploadUsedSpaceKB'] - $r['fileSizeKB'])."'
				 WHERE userId = '".$r['byUserId']."'");
	$err = $err.mysql_error();
	
	if( empty($err) ) echo 'ok';
	else echo $err;
}
else die('denied');
?>